On Thu, 11 Apr 2002, Chris Wright wrote: > In current 2.5, the sys_nfsservctl has been fundamentally changed. The > functionality has been moved to a filesystem called nfsd. I see three > options for supporting nfsservctl hooks as we move forward: <snip> > 3) This is a filesystem, remove the nfsservctl hook since we have the > standard filesystem hooks. This conceptually preserves our current stance > which tries to avoid placing filesystem specific hooks. And reading > the data passed in the buffers during a file write seems a bit strange. > Labelling via standard post_lookup is a little tough, since currently > this is an in kernel fs and it manually populates the dcache. This option appears to be the most consistent with LSM, as you noted. The first option would just be a short term solution, encouraging module writers to rely on support that will soon vanish. The second option is too invasive, as you also noted. -- Stephen D. Smalley, NAI Labs ssmalleyat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Apr 12 2002 - 07:20:58 PDT